Chromium Code Reviews Chromium Code Reviews
Issue 123383002:
Enable SDCH support over HTTPS. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/sdch_manager.h" | 5 #include "net/base/sdch_manager.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/metrics/histogram.h" | 9 #include "base/metrics/histogram.h" |
| 10 #include "base/strings/string_number_conversions.h" | 10 #include "base/strings/string_number_conversions.h" |
| (...skipping 10 matching lines...) Expand all Loading... | |
| 21 | 21 |
| 22 // static | 22 // static |
| 23 const size_t SdchManager::kMaxDictionaryCount = 20; | 23 const size_t SdchManager::kMaxDictionaryCount = 20; |
| 24 | 24 |
| 25 // static | 25 // static |
| 26 SdchManager* SdchManager::global_ = NULL; | 26 SdchManager* SdchManager::global_ = NULL; |
| 27 | 27 |
| 28 // static | 28 // static |
| 29 bool SdchManager::g_sdch_enabled_ = true; | 29 bool SdchManager::g_sdch_enabled_ = true; |
| 30 | 30 |
| 31 // static | |
| 32 bool SdchManager::g_sdch_over_secure_enabled_ = false; | |
| 33 | |
| 31 //------------------------------------------------------------------------------ | 34 //------------------------------------------------------------------------------ |
| 32 SdchManager::Dictionary::Dictionary(const std::string& dictionary_text, | 35 SdchManager::Dictionary::Dictionary(const std::string& dictionary_text, |
| 33 size_t offset, | 36 size_t offset, |
| 34 const std::string& client_hash, | 37 const std::string& client_hash, |
| 35 const GURL& gurl, | 38 const GURL& gurl, |
| 36 const std::string& domain, | 39 const std::string& domain, |
| 37 const std::string& path, | 40 const std::string& path, |
| 38 const base::Time& expiration, | 41 const base::Time& expiration, |
| 39 const std::set<int>& ports) | 42 const std::set<int>& ports) |
| 40 : text_(dictionary_text, offset), | 43 : text_(dictionary_text, offset), |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 55 /* The specific rules of when a dictionary should be advertised in an | 58 /* The specific rules of when a dictionary should be advertised in an |
| 56 Avail-Dictionary header are modeled after the rules for cookie scoping. The | 59 Avail-Dictionary header are modeled after the rules for cookie scoping. The |
| 57 terms "domain-match" and "pathmatch" are defined in RFC 2965 [6]. A | 60 terms "domain-match" and "pathmatch" are defined in RFC 2965 [6]. A |
| 58 dictionary may be advertised in the Avail-Dictionaries header exactly when | 61 dictionary may be advertised in the Avail-Dictionaries header exactly when |
| 59 all of the following are true: | 62 all of the following are true: |
| 60 1. The server's effective host name domain-matches the Domain attribute of | 63 1. The server's effective host name domain-matches the Domain attribute of |
| 61 the dictionary. | 64 the dictionary. |
| 62 2. If the dictionary has a Port attribute, the request port is one of the | 65 2. If the dictionary has a Port attribute, the request port is one of the |
| 63 ports listed in the Port attribute. | 66 ports listed in the Port attribute. |
| 64 3. The request URI path-matches the path header of the dictionary. | 67 3. The request URI path-matches the path header of the dictionary. |
| 65 4. The request is not an HTTPS request. | 68 4. The request is not an HTTPS request. |
|
jar (doing other things)
2014/01/03 18:35:13
nit: please update the comment with something like
mef
2014/01/03 20:26:55
Done.
| |
| 66 */ | 69 */ |
| 67 if (!DomainMatch(target_url, domain_)) | 70 if (!DomainMatch(target_url, domain_)) |
| 68 return false; | 71 return false; |
| 69 if (!ports_.empty() && 0 == ports_.count(target_url.EffectiveIntPort())) | 72 if (!ports_.empty() && 0 == ports_.count(target_url.EffectiveIntPort())) |
| 70 return false; | 73 return false; |
| 71 if (path_.size() && !PathMatch(target_url.path(), path_)) | 74 if (path_.size() && !PathMatch(target_url.path(), path_)) |
| 72 return false; | 75 return false; |
| 73 if (target_url.SchemeIsSecure()) | 76 if (!SdchManager::sdch_over_secure_enabled() && target_url.SchemeIsSecure()) |
| 77 return false; | |
| 78 if (target_url.SchemeIsSecure() && !url_.SchemeIsSecure()) | |
| 74 return false; | 79 return false; |
| 75 if (base::Time::Now() > expiration_) | 80 if (base::Time::Now() > expiration_) |
| 76 return false; | 81 return false; |
| 77 return true; | 82 return true; |
| 78 } | 83 } |
| 79 | 84 |
| 80 //------------------------------------------------------------------------------ | 85 //------------------------------------------------------------------------------ |
| 81 // Security functions restricting loads and use of dictionaries. | 86 // Security functions restricting loads and use of dictionaries. |
| 82 | 87 |
| 83 // static | 88 // static |
| (...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 159 } | 164 } |
| 160 if (!ports_.empty() | 165 if (!ports_.empty() |
| 161 && 0 == ports_.count(referring_url.EffectiveIntPort())) { | 166 && 0 == ports_.count(referring_url.EffectiveIntPort())) { |
| 162 SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_PORT_LIST); | 167 SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_PORT_LIST); |
| 163 return false; | 168 return false; |
| 164 } | 169 } |
| 165 if (path_.size() && !PathMatch(referring_url.path(), path_)) { | 170 if (path_.size() && !PathMatch(referring_url.path(), path_)) { |
| 166 SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_PATH); | 171 SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_PATH); |
| 167 return false; | 172 return false; |
| 168 } | 173 } |
| 169 if (referring_url.SchemeIsSecure()) { | 174 if (!SdchManager::sdch_over_secure_enabled() && |
| 175 referring_url.SchemeIsSecure()) { | |
| 176 SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_SCHEME); | |
| 177 return false; | |
| 178 } | |
| 179 if (referring_url.SchemeIsSecure() && !url_.SchemeIsSecure()) { | |
| 170 SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_SCHEME); | 180 SdchErrorRecovery(DICTIONARY_FOUND_HAS_WRONG_SCHEME); |
| 171 return false; | 181 return false; |
| 172 } | 182 } |
| 173 | 183 |
| 174 // TODO(jar): Remove overly restrictive failsafe test (added per security | 184 // TODO(jar): Remove overly restrictive failsafe test (added per security |
| 175 // review) when we have a need to be more general. | 185 // review) when we have a need to be more general. |
| 176 if (!referring_url.SchemeIs("http")) { | 186 if (!referring_url.SchemeIsHTTPOrHTTPS()) { |
| 177 SdchErrorRecovery(ATTEMPT_TO_DECODE_NON_HTTP_DATA); | 187 SdchErrorRecovery(ATTEMPT_TO_DECODE_NON_HTTP_DATA); |
| 178 return false; | 188 return false; |
| 179 } | 189 } |
| 180 | 190 |
| 181 return true; | 191 return true; |
| 182 } | 192 } |
| 183 | 193 |
| 184 bool SdchManager::Dictionary::PathMatch(const std::string& path, | 194 bool SdchManager::Dictionary::PathMatch(const std::string& path, |
| 185 const std::string& restriction) { | 195 const std::string& restriction) { |
| 186 /* Must be either: | 196 /* Must be either: |
| (...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 245 DCHECK(CalledOnValidThread()); | 255 DCHECK(CalledOnValidThread()); |
| 246 fetcher_.reset(fetcher); | 256 fetcher_.reset(fetcher); |
| 247 } | 257 } |
| 248 | 258 |
| 249 // static | 259 // static |
| 250 void SdchManager::EnableSdchSupport(bool enabled) { | 260 void SdchManager::EnableSdchSupport(bool enabled) { |
| 251 g_sdch_enabled_ = enabled; | 261 g_sdch_enabled_ = enabled; |
| 252 } | 262 } |
| 253 | 263 |
| 254 // static | 264 // static |
| 265 void SdchManager::EnableSdchOverSecureSupport(bool enabled) { | |
| 266 g_sdch_over_secure_enabled_ = enabled; | |
| 267 } | |
| 268 | |
| 269 // static | |
| 255 void SdchManager::BlacklistDomain(const GURL& url) { | 270 void SdchManager::BlacklistDomain(const GURL& url) { |
| 256 if (!global_ ) | 271 if (!global_ ) |
| 257 return; | 272 return; |
| 258 global_->SetAllowLatencyExperiment(url, false); | 273 global_->SetAllowLatencyExperiment(url, false); |
| 259 | 274 |
| 260 std::string domain(StringToLowerASCII(url.host())); | 275 std::string domain(StringToLowerASCII(url.host())); |
| 261 int count = global_->blacklisted_domains_[domain]; | 276 int count = global_->blacklisted_domains_[domain]; |
| 262 if (count > 0) | 277 if (count > 0) |
| 263 return; // Domain is already blacklisted. | 278 return; // Domain is already blacklisted. |
| 264 | 279 |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 337 if (SdchManager::Global()->CanFetchDictionary(request_url, dictionary_url) && | 352 if (SdchManager::Global()->CanFetchDictionary(request_url, dictionary_url) && |
| 338 fetcher_.get()) | 353 fetcher_.get()) |
| 339 fetcher_->Schedule(dictionary_url); | 354 fetcher_->Schedule(dictionary_url); |
| 340 } | 355 } |
| 341 | 356 |
| 342 bool SdchManager::CanFetchDictionary(const GURL& referring_url, | 357 bool SdchManager::CanFetchDictionary(const GURL& referring_url, |
| 343 const GURL& dictionary_url) const { | 358 const GURL& dictionary_url) const { |
| 344 DCHECK(CalledOnValidThread()); | 359 DCHECK(CalledOnValidThread()); |
| 345 /* The user agent may retrieve a dictionary from the dictionary URL if all of | 360 /* The user agent may retrieve a dictionary from the dictionary URL if all of |
| 346 the following are true: | 361 the following are true: |
| 347 1 The dictionary URL host name matches the referrer URL host name | 362 1 The dictionary URL host name matches the referrer URL host name and |
| 363 scheme. | |
| 348 2 The dictionary URL host name domain matches the parent domain of the | 364 2 The dictionary URL host name domain matches the parent domain of the |
| 349 referrer URL host name | 365 referrer URL host name |
| 350 3 The parent domain of the referrer URL host name is not a top level | 366 3 The parent domain of the referrer URL host name is not a top level |
| 351 domain | 367 domain |
| 352 4 The dictionary URL is not an HTTPS URL. | 368 4 The dictionary URL is not an HTTPS URL. |
| 353 */ | 369 */ |
| 354 // Item (1) above implies item (2). Spec should be updated. | 370 // Item (1) above implies item (2). Spec should be updated. |
| 355 // I take "host name match" to be "is identical to" | 371 // I take "host name match" to be "is identical to" |
| 356 if (referring_url.host() != dictionary_url.host()) { | 372 if (referring_url.host() != dictionary_url.host() || |
| 373 referring_url.scheme() != dictionary_url.scheme()) { | |
| 357 SdchErrorRecovery(DICTIONARY_LOAD_ATTEMPT_FROM_DIFFERENT_HOST); | 374 SdchErrorRecovery(DICTIONARY_LOAD_ATTEMPT_FROM_DIFFERENT_HOST); |
| 358 return false; | 375 return false; |
| 359 } | 376 } |
| 360 if (referring_url.SchemeIs("https")) { | 377 if (!sdch_over_secure_enabled() && referring_url.SchemeIsSecure()) { |
| 361 SdchErrorRecovery(DICTIONARY_SELECTED_FOR_SSL); | 378 SdchErrorRecovery(DICTIONARY_SELECTED_FOR_SSL); |
| 362 return false; | 379 return false; |
| 363 } | 380 } |
| 364 | 381 |
| 365 // TODO(jar): Remove this failsafe conservative hack which is more restrictive | 382 // TODO(jar): Remove this failsafe conservative hack which is more restrictive |
| 366 // than current SDCH spec when needed, and justified by security audit. | 383 // than current SDCH spec when needed, and justified by security audit. |
| 367 if (!referring_url.SchemeIs("http")) { | 384 if (!referring_url.SchemeIsHTTPOrHTTPS()) { |
| 368 SdchErrorRecovery(DICTIONARY_SELECTED_FROM_NON_HTTP); | 385 SdchErrorRecovery(DICTIONARY_SELECTED_FROM_NON_HTTP); |
| 369 return false; | 386 return false; |
| 370 } | 387 } |
| 371 | 388 |
| 372 return true; | 389 return true; |
| 373 } | 390 } |
| 374 | 391 |
| 375 bool SdchManager::AddSdchDictionary(const std::string& dictionary_text, | 392 bool SdchManager::AddSdchDictionary(const std::string& dictionary_text, |
| 376 const GURL& dictionary_url) { | 393 const GURL& dictionary_url) { |
| 377 DCHECK(CalledOnValidThread()); | 394 DCHECK(CalledOnValidThread()); |
| (...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 557 case '/': | 574 case '/': |
| 558 (*output)[i] = '_'; | 575 (*output)[i] = '_'; |
| 559 continue; | 576 continue; |
| 560 default: | 577 default: |
| 561 continue; | 578 continue; |
| 562 } | 579 } |
| 563 } | 580 } |
| 564 } | 581 } |
| 565 | 582 |
| 566 } // namespace net | 583 } // namespace net |
| OLD | NEW |
